CVE-2021-41043

Vulnerability

A heap use-after-free vulnerability exists in tcpslice versions 1.5-PRE-GIT and 1.2a3 [1]. The bug occurs in the extract_slice function (tcpslice.c:882) when processing a specially crafted pcap file. The get_next_packet function (tcpslice.c:747) frees a memory region that is later accessed by pcap_dump_open via vsnprintf, leading to a use-after-free condition [1].

Exploitation

An attacker can trigger the vulnerability by providing a malicious pcap file to tcpslice with the -w option (e.g., tcpslice -w a.txt heap.pcap). No authentication or special privileges are required; the tool must be run on the attacker-controlled input. The crash is reproducible on the affected versions [1].

Impact

The use-after-free results in a segmentation fault and AddressSanitizer error, causing a denial of service. The CVE description states "no other confirmed impact," meaning arbitrary code execution or information disclosure have not been demonstrated [1].

Mitigation

As of the available references, no patch or fixed version has been released for this vulnerability. Users should avoid processing untrusted pcap files with tcpslice until a fix is available [1].